<?php
session_start();

define('DB_HOST',   'yallara.cs.rmit.edu.au:53936');
define('DB_NAME',   'happyendings');

define('DB_USER',   '');
define('DB_PW',     '');

if (!$dbconn = mysql_connect(DB_HOST, DB_USER, DB_PW)) {
  echo 'Could not connect to mysql on ' . DB_HOST . "\n";
  exit;
}
			//connect to mysql database

if (!mysql_select_db(DB_NAME, $dbconn)) {
  echo 'Could not use database ' . DB_NAME . "\n";
  echo mysql_error() . "\n";
  exit;
}


$nickname = $_POST['nickname'];
$email = $_POST['email'];
$password = $_POST['password'];
$birthyear = $_POST['birthyear'];
$country_id = $_POST['countryid'];
$countryName = $_POST['CountryName'];
$sex = $_POST['sex'];


if (!eregi("^[a-zA-Z\-\.]+$", $nickname))
	{
		echo '<html><head><link href="template.css" type="text/css" rel="stylesheet" /><title>Registration Failed</title></head><body>Registration failed: Invalid nickname. Nicknames can only consist of letters <br /><a href="register_form.php">Go Back</a> </body></html> ';
		exit;
	}

if (!ereg("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$", $email))
	{
		echo '<html><head><link href="template.css" type="text/css" rel="stylesheet" /><title>Registration Failed</title></head><body>Registration failed: Invalid email <br /><a href="register_form.php">Go Back</a> </body></html> ';
		exit;
	}

if (!ereg("^[0-9]+$", $birthyear))
	{

		echo '<html><head><link href="template.css" type="text/css" rel="stylesheet" /><title>Registration Failed</title></head><body>Registration failed: Invalid birthyear <br /><a href="register_form.php">Go Back</a> </body></html> ';
		exit;
	}
if(!ereg("^[a-zA-Z0-9_]+$",$password))
	{
		echo '<html><head><link href="template.css" type="text/css" rel="stylesheet" /><title>Registration Failed</title></head><body>Registration failed: Invalid password. Only letters and numbers are allowed.<br /><a href="register_form.php">Go Back</a> </body></html> ';
		exit;
	}


$queryCheckEmail = "SELECT user_id FROM user WHERE email='$email'";
$result=mysql_query($queryCheckEmail,$dbconn);
if(mysql_num_rows($result)>0) //user already exists
	{
		echo '<html><head><link href="template.css" type="text/css" rel="stylesheet" /><title>Registration Failed</title></head><body>Registration failed: Email already in use <br /><a href="register_form.php">Go Back</a> </body></html> ';
		exit;
	}
	
$queryMax = "SELECT MAX(user_id) from user";
$result=mysql_query($queryMax);


while($row = mysql_fetch_row($result))
	{
		for($i = 0; $i < mysql_num_fields($result); $i++)
		{
			$maxid = $row[$i];
			$maxid = $maxid + 1;
			$userid = $maxid;
		}
	}

$password = md5($password);
$query="INSERT INTO user VALUES ($userid, '$email', '$sex', 'N', 'N','$nickname', '$password', $birthyear, $countryName);";
$result=mysql_query($query);

echo '<html><head><meta http-equiv="refresh" content="3, index.php" /> <link href="template.css" type="text/css" rel="stylesheet" /><title>Register Successful</title></head><body>Registration successful...redirecting in 3 seconds</body></html> ';


?>